Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2019 Greenbone AGOPENVAS:1361412562310815688
HistoryDec 12, 2019 - 12:00 a.m.

Adobe Reader 2017 Security Updates (APSB19-55) - Mac OS X

2019-12-1200:00:00
Copyright (C) 2019 Greenbone AG
plugins.openvas.org
11

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.058 Low

EPSS

Percentile

93.3%

JSON

Adobe Reader 2017 is prone to multiple vulnerabilities.

# SPDX-FileCopyrightText: 2019 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

CPE = "cpe:/a:adobe:acrobat_reader";

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.815688");
  script_version("2024-02-09T14:47:30+0000");
  script_cve_id("CVE-2019-16449", "CVE-2019-16456", "CVE-2019-16457", "CVE-2019-16458",
                "CVE-2019-16461", "CVE-2019-16465", "CVE-2019-16450", "CVE-2019-16454",
                "CVE-2019-16445", "CVE-2019-16448", "CVE-2019-16452", "CVE-2019-16459",
                "CVE-2019-16464", "CVE-2019-16451", "CVE-2019-16462", "CVE-2019-16446",
                "CVE-2019-16455", "CVE-2019-16460", "CVE-2019-16463", "CVE-2019-16444",
                "CVE-2019-16453", "CVE-2019-16470", "CVE-2019-16471");
  script_tag(name:"cvss_base", value:"10.0");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_tag(name:"last_modification", value:"2024-02-09 14:47:30 +0000 (Fri, 09 Feb 2024)");
  script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_tag(name:"severity_origin", value:"NVD");
  script_tag(name:"severity_date", value:"2019-12-30 17:01:00 +0000 (Mon, 30 Dec 2019)");
  script_tag(name:"creation_date", value:"2019-12-12 12:24:08 +0530 (Thu, 12 Dec 2019)");
  script_name("Adobe Reader 2017 Security Updates (APSB19-55) - Mac OS X");

  script_tag(name:"summary", value:"Adobe Reader 2017 is prone to multiple vulnerabilities.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present
  on the target host.");

  script_tag(name:"insight", value:"Multiple flaws exist due to following
  errors,

  - An out-of-bounds read.

  - An out-of-bounds write.

  - A use after free.

  - A heap overflow.

  - A buffer error.

  - Untrusted Pointer Dereference.

  - Binary Planting (default folder privilege escalation).

  - A Security Bypass.");

  script_tag(name:"impact", value:"Successful exploitation will allow remote
  attackers to gain escalated privileges, get access to potentially sensitive
  information and execute arbitrary code.");

  script_tag(name:"affected", value:"Adobe Reader 2017 prior to version 2017.011.30156 on Mac OS X.");

  script_tag(name:"solution", value:"Upgrade to Adobe Reader 2017 version
  2017.011.30156 or later. Please see the references for more information.");

  script_tag(name:"solution_type", value:"VendorFix");
  script_tag(name:"qod_type", value:"executable_version");
  script_xref(name:"URL", value:"https://helpx.adobe.com/security/products/acrobat/apsb19-55.html");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2019 Greenbone AG");
  script_family("General");
  script_dependencies("secpod_adobe_prdts_detect_macosx.nasl");
  script_mandatory_keys("Adobe/Reader/MacOSX/Version");
  exit(0);
}

include("host_details.inc");
include("version_func.inc");

if(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))
  exit(0);

vers = infos["version"];
path = infos["location"];

## 2017.011.30156 == 17.011.30156
if(version_in_range(version:vers, test_version:"17.0", test_version2:"17.011.30155")) {
  report = report_fixed_ver(installed_version:vers, fixed_version:"17.011.30156 (2017.011.30156)", install_path:path);
  security_message(data:report);
  exit(0);
}

exit(99);

Related

openvas 11
nessus 4
adobe 1
threatpost 1
checkpoint_advisories 21
cve 23
prion 23
symantec 3
kaspersky 1
cnvd 1
talosblog 1
talos 1
zdi 1
zdt 1
openvas
openvas
Adobe Reader DC (Classic) 2015 Security Updates (APSB19-55) - Windows
2019-12-12 00:00:00
Adobe Reader DC (Classic) 2015 Security Updates (APSB19-55) - Mac OS X
2019-12-12 00:00:00
Adobe Reader 2017 Security Updates (APSB19-55) - Windows
2019-12-12 00:00:00
nessus
nessus
Adobe Reader <= 2015.006.30505 / 2017.011.30152 / 2019.021.20056 Multiple Vulnerabilities (APSB19-55) (macOS)
2019-12-13 00:00:00
Adobe Acrobat <= 2015.006.30505 / 2017.011.30155 / 2019.021.20056 Multiple Vulnerabilities (APSB19-55) (macOS)
2019-12-13 00:00:00
Adobe Reader <= 2015.006.30505 / 2017.011.30152 / 2019.021.20056 Multiple Vulnerabilities (APSB19-55)
2019-12-13 00:00:00
adobe
adobe
APSB19-55 - Security update available for Adobe Acrobat and Reader
2019-12-10 00:00:00
threatpost
threatpost
Adobe Fixes 17 Critical Acrobat, Photoshop and Brackets Flaws
2019-12-10 16:37:03
checkpoint_advisories
checkpoint_advisories
Adobe Acrobat and Reader Out-of-Bounds Read (APSB19-55: CVE-2019-16465)
2019-12-10 00:00:00
Adobe Acrobat and Reader Out-of-Bounds Read (APSB19-55: CVE-2019-16458)
2019-12-10 00:00:00
Adobe Acrobat and Reader Buffer Errors (APSB19-55: CVE-2019-16462)
2019-12-10 00:00:00
cve
cve
CVE-2019-16457
2019-12-19 15:15:00
CVE-2019-16444
2019-12-19 15:15:00
CVE-2019-16460
2019-12-19 15:15:00
prion
prion
Double free
2019-12-19 16:16:00
Double free
2019-12-19 15:15:00
Double free
2019-12-19 15:15:00
symantec
symantec
Adobe Acrobat and Reader CVE-2019-16444 Local Privilege Escalation Vulnerability
2019-12-10 00:00:00
Adobe Acrobat and Reader CVE-2019-16462 Arbitrary Code Execution Vulnerability
2019-12-10 00:00:00
Adobe Acrobat and Reader CVE-2019-16451 Heap Buffer Overflow Vulnerability
2019-12-10 00:00:00
kaspersky
kaspersky
KLA11622 Multiple vulnerabilities in Adobe Reader and Adobe Acrobat Reader
2019-11-18 00:00:00
cnvd
cnvd
Command Execution Vulnerability in 4A Unified Security Control Platform of Beijing Qixingchen Information Security Technology Co.
2023-09-15 00:00:00
talosblog
talosblog
Vulnerability Spotlight: Information leak vulnerability in Adobe Acrobat Reader
2019-12-11 09:38:45
talos
talos
Adobe Acrobat Reader DC Javascript gotoNamedDest information leak vulnerability
2019-12-10 00:00:00
zdi
zdi
Adobe Acrobat Pro DC TTF Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
2020-02-03 00:00:00
zdt
zdt
Adobe Acrobat Reader DC - Heap-Based Memory Corruption due to Malformed TTF Font Exploit
2019-12-11 00:00:00

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.058 Low

EPSS

Percentile

93.3%

JSON
Related for OPENVAS:1361412562310815688
openvas11nessus4adobe1threatpost1checkpoint_advisories21cve23prion23symantec3kaspersky1cnvd1talosblog1talos1zdi1zdt1